Security

Extras

iTunes Gift Certificate Trojan Email

OutlineEmail claims that the recipient has received an iTunes Gift Certificate worth $50.00 and instructs him or her to open an attached file to access a certificate code.

Brief Analysis
The email is not from iTunes and the claim that it contains an iTunes Gift Certificate is a lie designed to fool recipients into opening the attached file. Those who open the attachment may install an trojan that can give hackers access to their computers.

You have received an iTunes Gift Certificate in the amount of $50.00 You can find your certificate code in attachment below.

Then you need to open iTunes. Once you verify your account, $50.00 will be credited to your account, so you can start buying music, games, video right away.

iTunes Store.

Detailed Analysis
This email purports to be an official message from the iTunes Store and claims that the recipient has been given an iTunes Gift Certificate to the value of $50. According to the message, the recipient can redeem the gift certificate and begin buying music and other items from the iTunes Store by using the certificate code supposedly contained in a file attached to the email.

However, the email is not from iTunes and the promise of a $50 gift certificate is simply the bait used to entice recipients into opening the email's attachment. A recipient who does open the attachment will certainly not find a certificate code. Instead, by clicking the attachment, he or she will inadvertently launch a malicious application that can install a trojan on his or her computer. Once installed, this trojan can then modify the Windows registry, potentially give hackers access to the infected computer by connecting to a remote server, and download and install even more malware components.

Internet criminals often use the lure of supposedly free gifts, products and services as a means of fooling victims into opening malicious attachments or websites. By offering what appears to be an unexpected gift, these criminals hope that their victims will fall for their traps by following instructions without due forethought. They further the illusion that their bogus messages are legitimate by using the names and methods of genuine organizations.

By attempting to mirror the distribution methods of the targeted company, malware distributors often manage to make their malicious message seem more genuine. Of course, the iTunes Store is certainly real and offers a perfectly legitimate method of buying music and other items online. Moreover, iTunes users can indeed buy iTunes Gift Certificates for their friends or family members. And the person receiving the gift may well be sent an email notifying them that they have been given a certificate. However, such notification messages are likely to include the name of the sender along with a personal message and will not hide the certificate code in a separate email attachment.